DHCP ethernet security (NPS, other?)

Hello! Looking for a way to secure DHCP over ethernet. I am thinking to use MS Network Policy Server (NPS) along with 802.1x switch.

Any other suggestion?

Best regards

K

Secure it how? Are you trying to encrypt it between the server and client? Or prevent unauthorized clients from connecting to the network (which includes contacting the DHCp server)? Or stop a rogue DHCP client from being installed in your network?

NPS is basically MS implementation of RADIUS, no idea if there are issues with their implementation of if but should be ok.

Personally I use RADIUS to secure my wired external cameras and my wifi clients coupled with openvpn so the wireless connections have better encryption.

Thank you all,
Yes, main concern is to prevent someone to get DHCP from any ethernet plug. I have used MS NPS with WiFi, but never with ethernet.

Best regards

K

Have you thought about just disabling ethernet ports on switches that aren’t in use?

Otherwise 802.1x on the ports is basically the only choice.

Thank you,

Its on a client’s site. Yes, I know we can disable ports, but I guess we will go with NPS.

Best regards

K